 |
 |
 |
 |
 |
 |
|
 |
||||||
 |
|
|
|
|
|
|
| Wolfsberg AML Principles on Private Banking | ||
|
Preamble |
|
Preamble |
||
| The following guidelines are understood
to be appropriate for private banking relationships. Guidelines for
other market segments may differ. It is recognized that the establishment
of policies and procedures to adhere to these guidelines is the responsibility
of management. |
||
1 |
Client acceptance: general guidelines |
|
1.1 |
General |
|
Bank policy will be to prevent the use
of its worldwide operations for criminal purposes. The bank will
endeavor to accept only those clients whose source of wealth and
funds can be reasonably established to be legitimate. The primary
responsibility for this lies with the private banker who sponsors
the client for acceptance. Mere fulfilment of internal review procedures
does not relieve the private banker of this basic responsibility. |
||
1.2 |
Identification |
|
The bank
will take reasonable measures to establish the identity of its clients
and beneficial owners and will only accept clients when this process
has been completed. |
||
 |
||
| 1.2.1 | Client | |
| • • • • |
Natural persons: identity will be established
to the bank's satisfaction by reference to official identity papers
or such other evidence as may be appropriate under the circumstances. Corporations, partnerships, foundations: the bank will receive documentary evidence of the due organization and existence. Trusts: the bank will receive appropriate evidence of formation and existence along with identity of the trustees. Identification documents must be current at the time of opening. |
|
| 1.2.2 | Beneficial owner | |
| Beneficial ownership must be established
for all accounts. Due diligence must be done on all principal beneficial
owners identified in accordance with the following principles: |
||
| • • • • • |
Natural persons: when the account is in the name of
an individual, the private banker must establish whether the client
is acting on his/her own behalf. If doubt exists, the bank will establish
the capacity in which and on whose behalf the accountholder is acting. Legal entities: where the client is a company, such as a private investment company, the private banker will understand the structure of the company sufficiently to determine the provider of funds, principal owner(s) of the shares and those who have control over the funds, e.g. the directors and those with the power to give direction to the directors of the company. With regard to other shareholders the private banker will make a reasonable judgement as to the need for further due diligence. This principle applies regardless of whether the share capital is in registered or bearer form. Trusts: where the client is a trustee, the private banker will understand the structure of the trust sufficiently to determine the provider of funds (e.g. settlor) those who have control over the funds (e.g. trustees) and any persons or entities who have the power to remove the trustees. The private banker will make a reasonable judgement as to the need for further due diligence. Unincorporated associations: the above principles apply to unincorporated associations. The bank will not permit the use of its internal non-client accounts (sometimes referred to as "concentration" accounts) to prevent association of the identity of a client with the movement of funds on the client's behalf, i.e., the bank will not permit the use of such internal accounts in a manner that would prevent the bank from appropriately monitoring the client's account activity. |
|
| 1.2.3 | Accounts held in the name of money managers and similar intermediaries | |
| Accounts held in the name of money managers
and similar intermediaries The private banker will perform due diligence on the intermediary and establish that the intermediary has a due diligence process for its clients, or a regulatory obligation to conduct such due diligence, that is satisfactory to the bank. |
||
|
||
| 1.2.4 | Powers of attorney/Authorized signers | |
| Where the holder of a power of attorney
or another authorized signer is appointed by a client, it is generally
sufficient to do due diligence on the client. |
||
| 1.2.5 | Practices for walk-in clients and electronic banking relationships | |
| A bank will determine whether walk-in clients
or relationships initiated through electronic channels require a higher
degree of due diligence prior to account opening. The bank will specifically
address measures to satisfactorily establish the identity of non-face-to-face
customers. |
||
1.3 |
Due diligence |
|
| It is essential to collect and record information
covering the following categories: |
||
| • • • • • • • • |
Purpose and reasons for opening the account Anticipated account activity Source of wealth (description of the economic activity which has generated the net worth) Estimated net worth Source of wealth (description of the economic activity which has generated the net worth) Estimated net worth Source of funds (description of the origin and the means of transfer for monies that are accepted for the account opening) References or other sources to corroborate reputation information where available. |
|
| Unless other measures reasonably suffice
to do the due diligence on a client (e.g. favorable and reliable references),
a client will be met prior to account opening. |
||
1.4 |
Numbered or alternate name accounts |
|
| Numbered or alternate name accounts will
only be accepted if the bank has established the identity of the client
and the beneficial owner. These accounts must be open to a level of
scrutiny by the bank's appropriate control layers equal to the level
of scrutiny applicable to other client accounts. |
||
|
||
1.5 |
Offshore jurisdictions |
|
| Risks associated with entities organized
in offshore jurisdictions are covered by due diligence procedures
laid out in these guidelines. |
||
1.6 |
Oversight responsibility |
|
| There will be a requirement that all new
clients and new accounts be approved by at least one person other
than the private banker. |
||
2 |
Client acceptance: situations requiring additional diligence / attention |
|
2.1 |
General |
|
| In its internal policies, the bank must
define categories of persons whose circumstances warrant additional
diligence. This will typically be the case where the circumstances
are likely to pose a higher than average risk to a bank. |
||
2.2 |
Indicators |
|
| The circumstances of the following categories
of persons are indicators for defining them as requiring additional
diligence: |
||
| • • • |
Persons residing in and/or having funds sourced from
countries identified by credible sources as having inadequate anti-
money laundering standards or representing high risk for crime and
corruption. Persons engaged in types of business activities or sectors known to be susceptible to money laundering. "Politically Exposed Persons" (frequently abbreviated as "PEPs"), referring to individuals holding or having held positions of public trust, such as government officials, senior executives of government corporations, politicians, important political party officials, etc., as well as their families and close associates. |
|
2.3 |
Senior management approval |
|
| The banks' internal policies should indicate
whether, for any one or more among these categories, senior management
must approve entering into new relationships. Relationships with Politically Exposed Persons may only be entered into with the approval from senior management. |
||
3 |
Updating client files |
|
3.1 |
The private banker is responsible
for updating the client file on a defined basis and/or when there
are major changes. The private banker's supervisor or an independent
control person will review relevant portions of client files on a
regular basis to ensure consistency and completeness. The frequency
of the reviews depends on the size, complexity and risk posed of the
relationship. |
|
3.2 |
With respect to clients classified
under any category of persons mentioned in 2, the banks internal policies
will indicate whether senior management must be involved in these
reviews. |
|
3.3 |
Similarly, with respect to
clients classified as set forth in 3.2, the bank's internal policies
will indicate what management information must be provided to management
and/or other control layers. The policies should also address the
frequency of these information flows. |
|
3.4 |
The reviews of PEPs must
require senior management's involvement. |
|
4 |
Practices when identifying unusual or suspicious activities |
|
4.1 |
Definition of unusual or suspicious activities |
|
| The bank will have a written policy on
the identification of and follow-up on unusual or suspicious activities.
This policy will include a definition of what is considered to be
suspicious or unusual and give examples thereof. |
||
| Unusual or suspicious activities may include: |
||
| • • • |
Account transactions or other activities which are
not consistent with the due diligence file Cash transactions over a certain amount Pass-through / in-and-out-transactions. |
|
4.2 |
Identification of unusual or suspicious activities |
|
| Unusual or suspicious activities can be
identified through: |
||
| • • • • |
Monitoring of transactions Client contacts (meetings, discussions, in-country visits etc.) Third party information (e.g. newspapers, Reuters, internet) Private banker's / internal knowledge of the client's environment (e.g. political situation in his/her country). |
|
|
||
4.3 |
Follow-up on unusual or suspicious activities |
|
| The private banker, management and/or the
control function will carry out an analysis of the background of any
unusual or suspicious activity. If there is no plausible explanation
a decision will be made involving the control function: |
||
| • • • |
To continue the business relationship with increased
monitoring To cancel the business relationship To report the business relationship to the authorities. |
|
| The report to the authorities is made by
the control function and senior management may need to be notified
(e.g. Senior Compliance Officer, CEO, Chief Auditor, General Counsel).
As required by local laws and regulations the assets may be blocked
and transactions may be subject to approval by the control function.
|
||
5 |
Monitoring |
|
5.1 |
Monitoring Program |
|
| A sufficient monitoring program must be
in place. The primary responsibility for monitoring account activities
lies with the private banker. The private banker will be familiar
with significant transactions and increased activity in the account
and will be especially aware of unusual or suspicious activities (see
4.1). The bank will decide to what extent fulfillment of these responsibilities
will need to be supported through the use of automated systems or
other means. |
||
5.2 |
Ongoing Monitoring |
|
| With respect to clients classified under
any category of persons mentioned in 2, the bank's internal policies
will indicate how the account activities will be subject to monitoring. |
||
6 |
Control responsibilities |
|
| A written control policy will be in place
establishing standard control procedures to be undertaken by the various
"control layers" (private banker, independent operations
unit, Compliance, Internal Audit). The control policy will cover issues
of timing, degree of control, areas to be controlled, responsibilities
and follow-up, etc. An independent audit function (which may be internal to the bank) will test the programs contemplated by the control policy. |
||
7 |
Reporting |
|
| There will be regular management reporting
established on money laundering issues (e.g. number of reports to
authorities, monitoring tools, changes in applicable laws and regulations,
the number and scope of training sessions provided to employees). |
||
8 |
Education, training and information |
|
| The bank will establish a training program
on the identification and prevention of money laundering for employees
who have client contact and for Compliance personnel. Regular training
(e.g. annually) will also include how to identify and follow-up on
unusual or suspicious activities. In addition, employees will be informed
about any major changes in anti-money-laundering laws and regulations. All new employees will be provided with guidelines on the anti-money-laundering procedures. |
||
|
||
9 |
Record retention requirements |
|
| The bank will establish record retention
requirements for all anti-money-laundering related documents. The
documents must be kept for a minimum of five years. |
||
10 |
Exceptions and deviations |
|
| he bank will establish an exception and
deviation procedure that requires risk assessment and approval by
an independent unit. |
||
11 |
Anti-money-laundering organization |
|
| The bank will establish an adequately staffed and independent department responsible for the prevention of money laundering (e.g. Compliance, independent control unit, Legal). | ||
|
|
|
© 2008 by The Wolfsberg Group